Integration/Implementation of HIPAA with NIST Cybersecurity Framework: Free Webinar

Date: Wednesday, October 28, 2020 11:00 AM EDT | Duration: 60 Min


Course Description:

Information security programs within Covered Entities are required to comply with the HIPAA Security and Privacy rules. However, HIPAA by itself lacks the structure and guidance required to build a strong and effective information security program. This seminar shows how to integrate the HIPAA Security and Privacy rules into a comprehensive cybersecurity framework.

This seminar will lay out a proven approach to building security programs through a framework-based design and effective measurements and tracking.

The student will learn the following:

  • How to build a security program on an established framework. You will learn the benefits of using a framework and discuss popular frameworks such as NIST CSF and ISO 27001.
  • How to integrate HIPAA security and privacy controls into the selected framework. You will learn how to map HIPAA (and any other) controls into a selected framework, including free tools and resources that make it easy.
  • How to assess cybersecurity using the adopted framework. You will be introduced to methods of assessing cybersecurity risk using the framework you adopted. Introductory topics will include the RIIOT data-gathering method, basic risk scoping methods, and risk presentation methods (e.g., heat maps, dashboards, and reports).

Why Should You Attend:

  • Incomplete Cybersecurity Program? Cybersecurity programs based on regulations alone are incomplete. Are you certain your cybersecurity program is not leaving anything out? Would this be considered negligent?
  • Inadequate Program? Covered entities are entrusted to adequately protect personal health information (PHI). How do you know your protections are adequate?
  • Ineffective Cybersecurity Program Management? Cybersecurity programs are notoriously difficult to build and track when implemented based on regulations, intuition, or even auditor direction. Building security programs based on established frameworks allows for effective management and assurance in a strong and defensible program.

Areas Covered in the Webinar:

  • HIPAA Security and Privacy Rules
  • Dangers of regulation-based security programs
  • Basic Cyber Security Frameworks (NIST CSF, ISO 27001)
  • Integration of cybersecurity requirements into selected framework
  • Building a security program based on a populated framework
  • Assessing cybersecurity risk using industry methods (RIIOT data gathering, risk presentations, dashboards)
  • Dangers of survey-based risk assessments
  • How to present to the board

Who will Benefit:

  • HIPAA Security Officer
  • HIPAA Privacy Officer
  • Chief Information Security Officer
  • Information Security Officer
  • Information Security Manager
  • Compliance Officer

